(Reuters) - Iranian hackers have repeatedly attacked Bank of America Corp , JPMorgan Chase & Co and Citigroup Inc over the past year, as part of a broad cyber campaign targeting the United States, according to people familiar with the situation.

The attacks, which began in late 2011 and escalated this year, have primarily been "denial of service" campaigns that disrupted the banks' websites and corporate networks by overwhelming them with incoming web traffic, said the sources.

Whether the hackers have been able to inflict more serious damage on computer networks or steal critical data is not yet known. The sources said there was evidence suggesting the hackers targeted the banks in retaliation for their enforcement of Western economic sanctions against Iran.

Iran has beefed up its cyber capabilities after its nuclear program was damaged in 2010 by the Stuxnet virus, widely believed to have been developed by the United States. Tehran has publicly advertised its intentions to build a cyber army and encouraged private citizens to hack against Western countries.

The attacks on the three largest U.S. banks originated in Iran, but it is not clear if they were launched by the state, groups working on behalf of the government, or "patriotic" citizens, according to the sources, who requested anonymity as they were not authorized to discuss the matter.
They said the attacks shed new light on the potential for Iran to lash out at Western nations' information networks.

"Most people didn't take Iran seriously. Now most people are taking them very seriously," said one of the sources, referring to Iran's cyber capabilities.

Iranian officials were not available for comment. Bank of America, JPMorgan and Citigroup declined to comment, as did officials with the Pentagon, U.S. Department of Homeland Security, Federal Bureau of Investigation, National Security Agency and Secret Service.
A U.S. financial services industry group this week warned banks, brokerages and insurers to be on heightened alert for cyber attacks after the websites of Bank of America and JPMorgan Chase's experienced unexplained service disruptions.
NBC reported late on Thursday that the Iranian government was behind these attacks, citing U.S. national security sources. Reuters could not verify that independently.
Tensions between the United States and Iran, which date back to the revolution in 1979 that resulted in the current Islamic republic, have escalated in recent years as Washington led the effort to prevent Tehran from getting a nuclear bomb and imposed tough economic sanctions.
DISRUPTIVE CAMPAIGN
Denial-of-service campaigns are among the oldest types of cyber attacks and do not require highly skilled computer programmers or advanced expertise, compared with sophisticated and destructive weapons like Stuxnet.
But denial-of-service attacks can still be very disruptive: If a bank's website is repeatedly shut down, the attacks can hurt its reputation, affect customer retention and cause revenue losses as customers cannot open accounts or conduct other business.

Bank of America, Citigroup and JPMorgan Chase have consulted the FBI, Department of Homeland Security and National Security Agency on how to strengthen their networks in the face of the Iranian attacks, the sources said. It was not clear whether law enforcement agencies are formally investigating the attacks.

The Iranian attackers may have used denial-of-service to distract the victims from other, more destructive assaults that have yet to be uncovered, the sources said.

Frank Cilluffo, who served as homeland security adviser to U.S. President George W. Bush, told Reuters that he knows of "cyber reconnaissance" missions that have come from Iran but declined to give specifics.
"It is yet to be seen whether they have the wherewithal to cause significant damage," said Cilluffo, who is now director of the Homeland Security Policy Institute at George Washington University.

security experts said Iran's cyber capabilities are not as sophisticated as those of the China, Russia, the United States or many of its Western allies. Jim Lewis, a former U.S. Foreign Service officer, said Iran has been testing its cyber technology against Israel and other Gulf states in recent years
.
"It's like the nuclear program: It isn't particularly sophisticated but it makes progress every year," said Lewis, who is a senior fellow at the Center for Strategic & International Studies.

I hope you giggle like this when Ahmed fukwad busts into your bank account and steals the contents of your checking account.

Maybe overly dramatic however let's not forget whose money are in those banks.

Banks are not the real issue. They need to improve but in the last 5 years they have made great strides in cyber security.

The main thing you should be worried about is our utilites. They will be yucking it up when they are without power for days/weeks because their power grid is controlled by computers and a state/country got by their lax security.

An act of war? On what, private businesses that are crooks and frauds?

Seriously, if we've been doing to same to them by sending computer worms, you expect them to just lie down and take it without retaliation? You're as bad as some of the NeoConservatives.

Meanwhile, the current Department of State has removed the Marxist-Islamist death and murder cult, Mujahedeen Khalq (MeK), from the US terror list this past Friday. They engage in murder and mayhem inside Iran against civilian targets. But since the US and Israeli's fund and train them, our terror is okay especially on people who weren't behind 9/11.

Banks are not the real issue. They need to improve but in the last 5 years they have made great strides in cyber security.

The main thing you should be worried about is our utilites. They will be yucking it up when they are without power for days/weeks because their power grid is controlled by computers and a state/country got by their lax security.

And then they will be on here going........... where was Obama?

Well I'm going to have to disagree. If they're without power, they won't be on here.

An act of war? On what, private businesses that are crooks and frauds?

I said banks are the biggest issue. And as the wall street debacle made it plain, we are all dependent on each other and our shared infrastructure. You think you wont be effected by your utlitity companies being taken down? Your water supply compromised?

Quote:

Originally Posted by BucEyedPea

An act of war?
Seriously, if we've been doing to same to them by sending computer worms, you expect them to just lie down and take it without retaliation? You're as bad as some of the NeoConservatives.

Yes, it was an act of war. They invaded our soverign territory with intent to do commit damage to the USA.

If a country was responsible for the stuxnut and flame virus in Iran. That would also be considered an act of war.

Yes, it was an act of war. They invaded our soverign territory with intent to do commit damage to the USA.

Well, like I said, we invaded their sovereign territory circa 2003 and Bush and Obama have been ordering cyber attacks already on Iran.

Quote:

If a country was responsible for the stuxnut and flame virus in Iran. That would also be considered an act of war.

Well, duh, who did that? The Stuxnet worm was developed by our CIA, other U.S. agencies and Israel. You completely ignored who started these acts of war. Pay attention to cause and effect sequences.

Quote:

WASHINGTON—The U.S. is pursuing a wide-ranging, high-tech campaign against Iran's nuclear program that includes the cybersabotage project known as Stuxnet, which was developed by the Central Intelligence Agency in conjunction with Idaho National Laboratory, the Israeli government, and other U.S. agencies, according to people familiar with the efforts.

Quote:

Through the administrations of President Barack Obama and his predecessor, George W. Bush, the U.S. has pursued a cyber campaign, code-named "Olympic Games," to attack the Iranian program, former officials said.

Quote:

"It's part of a larger campaign," said a former U.S. official familiar with the efforts. "It's a preferable alternative to airstrikes."